Vulnerabilities

CVE-2026-22233

by Fred · 08/01/2026

OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment in the “Estimated Staff Hours” field. The JavaScript is executed whenever another user visits the Project Cost tab. Fixed in OPEXUS eCASE Audit 11.14.2.0.

More information : https://docs.opexustech.com/docs/oig/audit/eCase_Audit_Release_Notes_11.14.2.0.pdf

Similar

Tags: Cybersecurity Alert